CVE-2021-31955
Windows Kernel Information Disclosure Vulnerability
In short
A flaw in Windows Kernel allows unauthorized access to sensitive system memory information. An attacker with local access can read kernel data that should be protected, potentially exposing system details.
Technical detail
CWE-497 information exposure vulnerability in Windows Kernel allows local unprivileged processes to read kernel memory regions through a side-channel or improper access control mechanism. Requires local code execution; impacts confidentiality of kernel data structures and system configuration.
Summary generated and translated by AI from the official description.
Windows Kernel Information Disclosure Vulnerability
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C
Affected products
Microsoft · Windows 10 Version 1809Microsoft · Windows 10 Version 1909Microsoft · Windows 10 Version 2004Microsoft · Windows 10 Version 20H2Microsoft · Windows 10 Version 21H1Microsoft · Windows Server 2019Microsoft · Windows Server 2019 (Server Core installation)Microsoft · Windows Server version 2004Microsoft · Windows Server version 20H2public PoCs found — 2
githubgithub.com/freeide/CVE-2021-31955-POC★ 13githubgithub.com/ApexPredator-InfoSec/forti_shield★ 2⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →